Google is committed to advancing racial equity for Black communities. See how.

PasscodeEncryptionSupport

public final class PasscodeEncryptionSupport extends Object

Utility methods for encrypting and decrypting passcode using the Nest Passcode Encryption scheme.

Constant Summary

int kPasscodeEncryptionConfig1_TEST_ONLY Passcode encryption configuration 1 (TEST ONLY) Note: This encryption configuration is for testing only and provides no integrity or confidentiality.
int kPasscodeEncryptionConfig2 Passcode encryption configuration 2

Field Summary

public static final byte[] kPasscodeEncKeyDiversifier Key diversifier used in the derivation of the passcode encryption and authentication keys.
public static final byte[] kPasscodeFingerprintKeyDiversifier Key diversifier used in the derivation of the passcode fingerprint key.

Public Constructor Summary

Public Method Summary

static String
decryptPasscode(byte[] encryptedPasscode, byte[] encKey, byte[] authKey, byte[] fingerprintKey)
Decrypt a passcode that was encrypted using the Nest Passcode Encryption scheme.
static byte[]
encryptPasscode(int config, int keyId, long nonce, String passcode, byte[] encKey, byte[] authKey, byte[] fingerprintKey)
Encrypt a passcode using the Nest Passcode Encryption scheme.
static int
getEncryptedPasscodeConfig(byte[] encryptedPasscode)
Extract the configuration type from an encrypted Passcode.
static byte[]
getEncryptedPasscodeFingerprint(byte[] encryptedPasscode)
Extract the fingerprint from an encrypted Passcode.
static int
getEncryptedPasscodeKeyId(byte[] encryptedPasscode)
Extract the key id from an encrypted Passcode.
static long
getEncryptedPasscodeNonce(byte[] encryptedPasscode)
Extract the nonce value from an encrypted Passcode.
static boolean
isSupportedPasscodeEncryptionConfig(int config)
Determines if the specified Passcode encryption configuration is supported.

Inherited Method Summary

Constants

public static final int kPasscodeEncryptionConfig1_TEST_ONLY

Passcode encryption configuration 1 (TEST ONLY) Note: This encryption configuration is for testing only and provides no integrity or confidentiality. Config 1 is only available in development builds.

Constant Value: 1

public static final int kPasscodeEncryptionConfig2

Passcode encryption configuration 2

Constant Value: 2

Fields

public static final byte[] kPasscodeEncKeyDiversifier

Key diversifier used in the derivation of the passcode encryption and authentication keys.

public static final byte[] kPasscodeFingerprintKeyDiversifier

Key diversifier used in the derivation of the passcode fingerprint key.

Public Constructors

public PasscodeEncryptionSupport ()

Public Methods

public static String decryptPasscode (byte[] encryptedPasscode, byte[] encKey, byte[] authKey, byte[] fingerprintKey)

Decrypt a passcode that was encrypted using the Nest Passcode Encryption scheme.

Parameters
encryptedPasscode
encKey
authKey
fingerprintKey

public static byte[] encryptPasscode (int config, int keyId, long nonce, String passcode, byte[] encKey, byte[] authKey, byte[] fingerprintKey)

Encrypt a passcode using the Nest Passcode Encryption scheme.

Parameters
config
keyId
nonce
passcode
encKey
authKey
fingerprintKey

public static int getEncryptedPasscodeConfig (byte[] encryptedPasscode)

Extract the configuration type from an encrypted Passcode.

Parameters
encryptedPasscode

public static byte[] getEncryptedPasscodeFingerprint (byte[] encryptedPasscode)

Extract the fingerprint from an encrypted Passcode.

Parameters
encryptedPasscode

public static int getEncryptedPasscodeKeyId (byte[] encryptedPasscode)

Extract the key id from an encrypted Passcode.

Parameters
encryptedPasscode

public static long getEncryptedPasscodeNonce (byte[] encryptedPasscode)

Extract the nonce value from an encrypted Passcode.

Parameters
encryptedPasscode

public static boolean isSupportedPasscodeEncryptionConfig (int config)

Determines if the specified Passcode encryption configuration is supported.

Parameters
config